IpSecTransformState is a new API that exposed from a mainline module.
Ideally before SDK finalization, platform should check the API flag
com.android.net.flags.ipsec_transform_state before calling the API.
However the flag is defined in mainline module is not accessible from
the platform. Thus previously a placeholder flag was used.

This patch removes the usage of the placeholder flag. Instead the
code will check the availability of the API with a try catch block

Bug: 328844044
Test: atest FrameworksVcnTests && atest CtsVcnTestCases
Flag: NONE mainline API flag not accessible; using try catch
      block to gate the behavior
Change-Id: Ibbcb14817a6d714cdc99cf0894f1fc935a602a2c

Refactor getPacketLossRatePercentage to return an object instead of
an integer. This is for extending the Packet Loss Detector's ability
to handle inbound sequence number leap

This patch does not include any behavior changes

Bug: 332598276
Test: atest FrameworksVcnTests && atest CtsVcnTestCases
Change-Id: Ied42e581fb331ab0603225865236779f50cc4881

DDM is set to be deprecated soon. We need another venue to discover
the capabilities of the VM and Framework we used to get from FEAT and
HELO packets.

Test: NA
Bug: 333926583
Change-Id: I4743e2e840b6f87f9eb41a51e36ef0b6cab3ebe1

* changes:
  Adding FileSystemUtils test
  Punch holes in 64 bit native libs
  Add method to return Zip file name

Adding ENABLE_PUNCH_HOLES flag to enable punch hole changes in
JNI.

Test: acloud delete --all && m && acloud create --local-instance --local-image && adb logcat -c && m FileSystemUtilsTests && atest -c FileSystemUtilsTests
Bug: 301631861
Change-Id: I611893e3171e0a2334e4d49b195768cdfb57fb96

Adding tests to check whether apps can be launched after
loading the punched libs. One app has uncompressed shared lib which
will be directly loaded from apk and other will extract it.

Test: acloud delete --all && m && acloud create --local-instance --local-image && adb logcat -c && m FileSystemUtilsTests && atest -c FileSystemUtilsTests
Bug: 301631861
Change-Id: I4f7b38902f2e02e83a350cd1cc907f8edaa20c81

Extra padding at the end of LOAD segments is being introduced when libraries are being
aligned to 64KB. This increases space used by shared libraries.

This change deallocates space used by zero padding at the end of LOAD segments in given
uncompressed ELF file. Zero padding can be detected by reading ELF headers. Executable header
gives out the position of program headers. LOAD segments can be identified from program headers.
FileSiz specifies the size of the data in corresponding LOAD segment.

Ex. ELF header format for libpunchtest.so

Program Headers:
  Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
  PHDR           0x000040 0x0000000000000040 0x0000000000000040 0x0001f8 0x0001f8 R   0x8
  LOAD           0x000000 0x0000000000000000 0x0000000000000000 0x0003e8 0x0003e8 R   0x10000
  LOAD           0x010000 0x0000000000010000 0x0000000000010000 0x000050 0x000050 R E 0x10000
  LOAD           0x020000 0x0000000000020000 0x0000000000020000 0x0001b8 0x0001b8 RW  0x10000
  DYNAMIC        0x020018 0x0000000000020018 0x0000000000020018 0x000180 0x000180 RW  0x8
  GNU_RELRO      0x020000 0x0000000000020000 0x0000000000020000 0x0001b8 0x001000 R   0x1
  GNU_EH_FRAME   0x000368 0x0000000000000368 0x0000000000000368 0x000024 0x000024 R   0x4
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0
  NOTE           0x000238 0x0000000000000238 0x0000000000000238 0x000050 0x000050 R   0x4

Zero padding can be found as :
Padding Length = Offset of LOAD SEGMENT 2 - (Offset of LOAD SEGMENT 1 + FileSiz of LOAD SEGMENT 1)

This padding is present at position = (Offset of LOAD SEGMENT 1 + FileSiz of LOAD SEGMENT 1)

[fallocate(2)](http://man7.org/linux/man-pages/man2/fallocate.2.html) is used to deallocate the
zero ranges at the end of LOAD segments. It is called with above padding length and position.
If ELF file is present inside of ApK/Zip file, offset to the start of the ELF file should be added
to the position.

From test logs, stats for installation embedded_native_libs_test_app.apk. Note: ELF was 64bit aligned during tests.

Size before punching holes st_blocks: 2072, st_blksize: 4096, st_size: 1058429
Size after punching holes st_blocks: 1832, st_blksize: 4096, st_size: 1058429

Punching will be skipped for content which is less than 4096 bytes in
size.

Test: acloud delete --all && m && acloud create --local-instance --local-image && adb logcat -c && m FileSystemUtilsTests && atest -c FileSystemUtilsTests
Bug: 301631861
Change-Id: I86060f877f90e98c103e884cf6d303f0bdfa4d12

Test: m libandroidfw
Bug: 301631861
Change-Id: If6d0ddf6e3465f984209325406cfeaffc44f9d6a

If a class is not an inner class, use its @FlaggedApi annotation value.
Otherwise, use the flag value of the closest outer class that is annotated by
@FlaggedApi.

Bug: 331294167
Test: atest extract-flagged-apis-test
Change-Id: I9d40d3e7c5065a2a737d5420c4235445c6d16654

https://r.android.com/3009280 has introduced the mechanism to modify the
tag of the dist artifacts based on the soong_config_variable (i.e. based
on the value of the build flag "RELEASE_HIDDEN_API_EXPORTABLE_STUBS" or
the product variable "PRODUCT_HIDDEN_API_EXPORTABLE_STUBS"). In order to
minimize duplication, the change has kept the common properties within
the struct outside of the "soong_config_variables" block and only
specified the affected (list of) struct properties (tag) in the
"soong_config_variables" block.

However, this is an unsupported feature in Soong and led to the default
OutputFile (i.e. the output file when no tag is specified). In order to
fix this, this change specifies all properties of the struct in the
"soong_config_variables" block, with the cost of some duplication.

Test: ABTD
Bug: 333653043
Change-Id: If91099b3499894d5b1c284ace0e1f23c80b84051

Upstream linux has added support for pgtables, uid, and rss stats fields
in the mark_victim tracepoint[1]. Update the OomKillRecord to track the
new fields, and report them to telemetry.

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=72ba14deb40a9e9668ec5e66a341ed657e5215c2



Test: statsd_testdrive 754 displays new fields
Test: m
Bug: 331214192
Change-Id: I23ee8b9a395c991d8506e927346b63d770152433
Merged-In: I23ee8b9a395c991d8506e927346b63d770152433
Signed-off-by: Carlos Galo <carlosgalo@google.com>

This method no longer has any callers, so remove it.

(As with other methods in android.security.KeyStore, this did have
@UnsupportedAppUsage.  However, there is no reason for apps to use this.
Therefore, removing it is allowed by the non-SDK interface policy.)

Bug: 326508120
Test: Build
Change-Id: I76facc1d54bf656188d1d4c5745224fc49836132

Bug: 327708654

Change-Id: I8c823776eb812d2afe8bb0726431534094108f29
Signed-off-by: Jia Jia <jia.jia@zte.com.cn>

Bug: 331294167
Test: atest extract-flagged-apis-test

Change-Id: I0e8a3e80be43194f8aafc0332d9ee1548df230ea

94058265

Change-Id: I847a3f5bd85879f02ddaa1d6043762121651ca31
Bug: 333155088

* changes:
  Call ISecretKeeper.deleteAll() from deleteSecrets()
  Delete keystore keys from RecoveryService.rebootRecoveryWithCommand()

* changes:
  Log the excessive incoming binder proxies into statsd
  Add a feature flag to log excessive incoming binder proxies in statsd

Bug: 314795235
Test: atest CtsNdefTestCases
Change-Id: Ife800d506f1277615ab112a72fcfb2de7c6ec573

Merge "MediaSessionRecord: add synchronize control for modification of mControllerCallbackHolders" into main

deleteSecrets() is called from rebootRecoveryWithCommand () before the
--wipe_data command is passed to recovery and the device is
force-rebooted.

Calling ISecretkeeper.deleteAll() destroys all secrets managed by
secretkeeper, thus ensuring that they are unrecoverable even if the full
data wipe in recovery is interrupted or skipped.

Bug: 324321147
Test: Manual - System -> Reset options -> Erase all data.
Test: Hold VolDown key to interrupt reboot and stop at bootloader
screen.
Test: fastboot oem bcd wipe command && fastboot oem bcd wipe recovery
Test: fastboot reboot
Test: Device reboots into recovery and prompts to factory reset:
Test: 'Cannot load Android system. Your data may be corrupt. ...'

Change-Id: I4c1c6615c0877d447d06ae45dd8ff86f7f14685a

Adds deleteSecrets() to RecoverySystemService. This method is called
from rebootRecoveryWithCommand () before the --wipe_data command is
passed to recovery and the device is force-rebooted.

deleteSecerts() calls IKeystoreMaintenance.deleteAllKeys() in order to
quickly destroy the keys protecting the synthetic password blobs
used to derive FBE encryption keys.

The intent is to make FBE-encrypted data unrecoverable even if the full
data wipe in recovery is interrupted or skipped.

Bug: 324321147
Test: Manual - System -> Reset options -> Erase all data.
Test: Hold VolDown key to interrupt reboot and stop at bootloader
screen.
Test: fastboot oem bcd wipe command && fastboot oem bcd wipe recovery
Test: fastboot reboot
Test: Device reboots into recovery and prompts to factory reset:
Test: 'Cannot load Android system. Your data may be corrupt. ...'

Change-Id: I5eb8e97f3ae1a18d5e7e7c2c7eca048ebff3440a

1df0ae18

Change-Id: I64489e569ab77585ab02b01872f64673e574b3ff
Bug: 333092549